{"id":"MAL-2024-5186","summary":"Malicious code in gorilla2 (PyPI)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n","modified":"2024-10-24T01:01:58Z","published":"2024-06-25T13:35:47Z","database_specific":{"malicious-packages-origins":[{"import_time":"2024-06-28T02:49:04.557054129Z","versions":["3.4.0","0.5.8"],"sha256":"c39b597a51ba6cb85a1edf1b5f5ec1b27ef8981067a73c83779ef43b17f404c3","source":"reversing-labs","id":"RLMA-2024-03968","modified_time":"2024-06-25T13:35:47Z"},{"import_time":"2024-10-24T00:59:15.400371415Z","sha256":"aad1ec09c9535dcc6e9c9de1a8b52b786945ded63a0a444fbc9c3c6fdad8b323","source":"reversing-labs","id":"RLUA-2024-08326","modified_time":"2024-10-16T14:41:43Z"}]},"references":[{"type":"ADVISORY","url":"https://research.jfrog.com/malicious-packages/"},{"type":"ARTICLE","url":"https://blog.sonatype.com/malware-monthly-january-2023"}],"affected":[{"package":{"name":"gorilla2","ecosystem":"PyPI","purl":"pkg:pypi/gorilla2"},"versions":["3.4.0","0.5.8"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/gorilla2/MAL-2024-5186.json"}}],"schema_version":"1.7.3","credits":[{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}